Data encryption in a two-tier storage system

ABSTRACT

A method for encrypting data blocks is provided. The method receives a plurality of data blocks and encrypts each data block using an LBA of the data block as a tweak. The method writes the plurality of encrypted data blocks to physical blocks of the plurality of physical disks. The method then performs deduplication on the physical disks by determining that first and second physical blocks in the physical disks are duplicates, decrypting encrypted data in the first physical block using a first LBA associated with the first physical block as the tweak, and re-encrypting decrypted data in the first physical block using a PBA associated with the first physical block as the tweak. When reading the data back, either the LBA or PBA is used as the tweak, depending on whether the data was encrypted using LBA or re-encrypted using PBA during the deduplication process.

BACKGROUND

Distributed systems allow multiple clients in a network to access a pool of shared resources. For example, a distributed storage system allows a cluster of host machines to aggregate local disks (e.g., SSD, PCI-based flash storage, SATA, or SAS magnetic disks) located in, or attached to, each host machine to create a single and shared pool of storage. This pool of storage (sometimes referred to herein as a “datastore” or “store”) is accessible by all host machines in the cluster and may be presented as a single namespace of storage entities (such as a hierarchical file system namespace in the case of files, a flat namespace of unique identifiers in the case of objects, etc.). Storage clients, such as virtual machines (VMs) spawned on the host machines, may use the datastore, for example, to store virtual disks that are accessed by the virtual machines during their operations.

In order to better utilize large-capacity storage devices (e.g., QLC SSD, hard drive, etc.), a multi-layer datastore, such as a virtual storage area network (vSAN) datastore, may be deployed. For example, a two-tier datastore often includes a smaller, but faster, performance tier (e.g., made of memory devices, such as NVMe, PMEM, SLC SSD, MLC SSD, etc.), and a larger, but slower, capacity tier (e.g., made of memory devices, such as TLC SSD, QLC SSD, hard drive, etc.).

A two-tier vSAN datastore stores data received from a device (e.g., a client VM) in two layers, where data may be moved between the different layers at different times. In particular, the vSAN datastore manages storage of data at a block granularity, each block of data being referred to herein as a data block and corresponding to data having a size corresponding to the size of a block of storage. The vSAN datastore may receive a data block, which the device refers to using a logical block address (LBA) that is in an address space used by the device to address blocks of data. Such an LBA may be referred to as an LBA of the data block. Different devices may use the same LBA to refer to different data blocks, as the LBA is specific to the device.

The vSAN datastore may then store the data block in a physical block of a physical storage device (e.g., QLC SSD, TLC SSD, MLC SSD, SLC SSD, hard drive, NVMe, PMEM, etc.) the vSAN datastore uses to store data. The physical block where the data block is stored may be referred to as a physical block of the data block. The physical block of the data block may be addressed by a physical block address (PBA) corresponding to the physical block. The PBA may be in an address space of the physical storage device. Such a PBA of the physical block where the data block is stored may be referred to as a PBA of the data block. Different storage devices or layers of storage of the vSAN datastore may use the same PBA to refer to different physical blocks, as the PBA may be specific to the storage device or layer.

The vSAN datastore may first save the received data blocks in physical blocks of a first layer (e.g., the performance tier) and then (e.g., at a later time) transfer the stored data to physical blocks of a second layer (e.g., the capacity tier). Access to the data in the first layer (e.g., held in a cache object) may be substantially faster than the second layer (e.g., because of faster memory devices), and as such, the vSAN datastore may keep the hot data (e.g., data that needs to be accessed more frequently) in the performance tier before the data gets cold (e.g., less frequently accessed, or not accessed) and be transferred to the capacity tear.

Data encryption (and decryption) in a two-tier datastore, however, can become challenging and can cause undesired additional CPU cost in the host machines. For example, when the datastore uses a tweak to encrypt the data, the datastore may have to encrypt/decrypt the data three times. This is because the data in the received data blocks should be encrypted and written to the performance tier first. Then, the datastore has to decrypt the (encrypted) data after reading the data from the performance tier, and re-encrypt the data before writing it to the capacity tier.

To achieve higher levels of fault tolerance, datastores may implement a variety of fault tolerance mechanisms, such as various levels of RAID and data mirroring, which may result in even higher numbers of data encryption/decryption. For example, when a vSAN datastore uses 3-way mirroring at the performance tier and RAID-6 at the capacity tier, the 3-way mirroring may cause the datastore to perform data encryption/decryption 3 times in the performance tier, while RAID-6 can multiply data encryption/decryption in the capacity tier by 4.5. Such encryption amplification can become even worse if the datastore implements higher levels of fault tolerance. For example, using 5-way mirroring in the performance tier and 12+4 erasure coding (where 4 failures can be tolerated) in the capacity tier may substantially increase the number of data encryptions/decryptions in each tier (e.g., 5 times in the performance tier and 6.33 times in the capacity tier).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram illustrating an example computing environment in which embodiments of the present application may be practiced.

FIG. 2 is a diagram illustrating an example hierarchical structure of objects organized within an object store that represent a virtual disk, according to an example embodiment of the present application.

FIG. 3 is a diagram illustrating different components of a vSAN module, according to an example embodiment of the present application.

FIG. 4 is a diagram illustrating composite objects of the vSAN being erasure coded and partitioned into multiple stripes, according to an example embodiment of the present application.

FIG. 5 is a diagram illustrating an example segment of blocks with two parity columns for a RAID 6 storage, according to an example embodiment of the present disclosure.

FIG. 6 is a diagram illustrating a datastore module receiving a data block from a VM and storing the data in a MetaObj, CapObj and memory of a hosting system, according to an example embodiment of the present disclosure.

FIG. 7 is a diagram illustrating the relationship between logical objects, such as MetaObj, CapObj and in-memory bank, with physical entities of a hosting system, according to an example embodiment of the present disclosure.

FIG. 8 is a flowchart illustrating a method (or process) for data encryption in a full stripe write, according to an example embodiment of the present application.

FIG. 9 illustrates a data log of a MetaObj that includes multiple entries, each entry having a header and a payload, according to an example embodiment of the present application.

FIG. 10 is a diagram illustrating a segment summary block for a full stripe write in a RAID 6 storage, according to an example embodiment of the present disclosure.

FIG. 11 is a flowchart illustrating a method (or process) for data deduplication of a segment (or stipe) of stored data blocks, according to an example embodiment of the present application.

FIG. 12 is a flowchart illustrating a method (or process) for an I/O operation performed on a data block stored on a disk, according to an example embodiment of the present application.

DETAILED DESCRIPTION

In order to store data blocks received, for example, from a virtual machine (VM) of a user, a distributed datastore (e.g., a virtual storage area network (vSAN) datastore) may use different layers of storage. For example, the vSAN datastore may store the received data in physical blocks in a first data storage (e.g., in the performance tier) for quicker access, and later transfer the stored data to a second data storage (e.g., in the capacity tier) that may be accessed less than the first data storage. The datastore, in some hosting systems, may use an advanced encryption standard (AES) algorithm (e.g., AES-256 XTS) for encrypting the data before storing the data in a first object (e.g., the meta object or MetaObj) in the performance tier. The datastore may later decrypt the data stored in the MetaObj, re-encrypt the data, and then store the encrypted data in the second object (e.g., the capacity object or CapObj) in the capacity tier.

To avoid generating identical encrypted data for data blocks that include similar data, AES-256 XTS uses a tweak (e.g., in addition to a secret key and clear text), which is different for each data block, to encrypt (or decrypt) the data. A two-tier datastore, such as vSAN, may use a logical block address (LBA) or a physical block addresses (PBA) of each data block as the tweak for encrypting (or decrypting) the data block. Using the LBAs/PBAs as the tweaks enables the datastore, among other things, to generate different encrypted blocks (or crypto texts) from the data blocks that have the same clear text.

Using either one of the LBAs or PBAs as the tweaks, however, may have its own shortcomings, especially when the datastore supports a log-structured file system (LFS) architecture. For example, a data deduplication process may cause multiple blocks with different LBAs to point to the same physical block. As a result, the datastore may not know which LBA has been used as a tweak for encrypting the data block (e.g., so that it can be used to decrypt the data in the encrypted data block). Additionally, when PBAs are used as tweaks, where the PBAs are different in the different datastore tiers, the datastore has to re-encrypt the data read from one tier (e.g., the performance tier) before writing the re-encrypted data to another tier (e.g., the capacity tier) since the PBAs of each tier are different. Additionally, more encryption and/or decryption cycles may be needed as a result of data movements (e.g., during garbage collection and/or data deduplication) in the LFS architecture.

One solution to the above mentioned problem is described in commonly owned U.S. patent application Ser. No. 16/827,674 (Attorney Docket No. G308), entitled “ENHANCED DATA ENCRYPTION IN DISTRIBUTED DATASTORES USING A CLUSTER-WIDE FIXED RANDOM TWEAK,” filed on Mar. 23, 2020, the entire content of which is incorporated herein by reference. Based on the solution described in the aforementioned patent application, a fixed random tweak may be used to encrypt the data. The datastore may use the random tweak to encrypt the data only once, and because the tweak always stays the same, no additional decryption and/or re-encryption of the data are required during data movements (e.g., during data transfer between the different tiers of the datastore, during garbage collection and/or data deduplication, etc.). Based on this solution, because the same fixed random tweak is used to encrypt all data blocks, data blocks having identical data may end up having identical encrypted data as well.

Another solution is described in commonly owned U.S. patent application Ser. No. 16/827,692 (Attorney Docket No. G310), entitled “ENHANCED DATA ENCRYPTION IN DISTRIBUTED DATASTORES USING RANDOM TWEAKS STORED IN DATA BLOCKS,” filed on Mar. 23, 2020, the entire content of which is incorporated herein by reference. Based on this solution, a random tweak for encrypting each data block is used. The random tweak used for encrypting each data block may then be stored, together with the encrypted data block, in a small computer system interface (SCSI) data integrity field (DIF) (e.g., using a SCSI data integrity extensions (DIX) command). This way, when decryption and/or re-encryption of a data block is needed, the random tweak may be retrieved from the storage and used to decrypt/encrypt the data block. Based on this solution, which requires special hardware for storing the random tweaks in the SCSI DIF, encryption of two data blocks that have identical data does not result in having two identical encrypted data blocks.

Some embodiments provide a data encryption mechanism that uses different tweaks for different data blocks in multi-layer datastores without requiring special hardware. The datastore in some such embodiments may use the LBAs and/or PBAs associated with the data blocks to encrypt/decrypt data in the data blocks. Using such techniques, the datastore may reduce the number of data encryptions/decryptions (e.g., to only one data encryption/decryption for unique data in a data block in a read/write path of the data block, and a maximum of two more data encryptions/decryptions during deduplication of duplicate data in a data block) required for storing data, irrespective of what fault tolerance mechanism has been deployed in different tiers of the datastore (e.g., 3-way mirroring RAID, 4+2 RAID-6, 5-way mirroring RAID, 12+4 erasure coding, etc.). In some embodiments, the LBA/PBA tweak (e.g., along with other parameters, such as a secret key and plain/clear text stored in each block) may be used as input for an AES algorithm to generate encrypted data blocks. In some embodiments, the datastore may use a combination of LBA/PBA and an object ID associated with each data block as a tweak to encrypt/decrypt data in the data block. The object ID may be a value (e.g., a number, an alphanumeric string, etc.) that is uniquely assigned to each object (e.g., a virtual disk or VMDK) stored in one or more physical blocks of a memory cluster by the datastore. In some embodiments, the datastore may combine (e.g., concatenate) the object ID with the LBA/PBA of each block to avoid having (e.g., in a rare occasion) the same tweak for two data blocks that have the same LBA/PBA and identical data (e.g., in two different memory clusters).

It should be noted that even though certain embodiments are described as using only LBA/PBA as a tweak, a combination of object ID and LBA/PBA may similarly be used as the tweak and such combination should be considered as being within the scope of the disclosure of the embodiments herein.

Using the LBA/PBA as the tweak for data encryption makes it possible to reduce encryption/decryption cycles on the read/write path of the data. In some embodiments, the datastore may use the LBA associated with each received data block as the tweak to encrypt the data block and store it in the performance tier at a physical block of the performance tier having a PBA. The datastore may then use the same LBA when transferring the stored data in the performance tier to the capacity tier, where the stored data is then stored in the capacity tier at a physical block of the capacity tier having a PBA (which may be different than the PBA of the physical block previously storing the data in the performance tier). As such, no decryption and/or re-encryption of data is required when the encrypted data is transferred to the capacity tier.

Similarly, in the capacity tier, so long as the physical block storing the encrypted data block does not have multiple LBAs mapped to the PBA of the same physical block (e.g., based on the multiple LBAs corresponding to the same data and a deduplication process having been performed that causes the multiple LBAs to point to the same PBA), the same LBA can be used for decrypting and re-encrypting the data block. That is, for such an encrypted data block, no additional decryption and/or re-encryption of the data is required during data movements (e.g., during data transfer between the different tiers of the datastore, during garbage collection and/or data deduplication, etc.) and the same LBA can be used for decryption when unencrypted data is needed (e.g., during a read process). If the PBA of the physical block is pointed to by multiple LBAs (e.g., as a result of a deduplication process), however, then the datastore may not know which LBA was used to encrypt the data block stored in the physical block when trying to read the encrypted data block.

In some embodiments, during a deduplication process, the datastore may determine whether an encrypted data block needs to be deduplicated. That is, the data store may determine whether the physical block of the encrypted data block includes unencrypted data that is identical to unencrypted data stored in another physical block. The datastore may make such a determination, as will be described in more detail below, by comparing the hashes of data stored in the two physical blocks, since the hashes of data stored in the data blocks are calculated prior to the encryption of data. When two physical blocks (e.g., blocks A and B) include encrypted data blocks (e.g., A and B) with the same (unencrypted) data, the datastore may, among other deduplication operations, change a mapping of the LBA B of encrypted data block B to point to the PBA A of physical block A, instead of the PBA B of physical block B. Thus, the LBA A of encrypted data block A, and the LBA B of encrypted data block B, both point to the PBA A of physical block A that now stores encrypted data block A/B. The datastore may then further mark the PBA B of physical block B as free, such that physical block B can be used to store other data (e.g., at a later time).

In some embodiments, the datastore may additionally decrypt the encrypted data block A stored in physical block A (e.g., using the LBA A of the encrypted data block A as the tweak) and re-encrypt the unencrypted data block A (which is the same as unencrypted data block B) using the PBA A as the new tweak. Thus, the encrypted data block A/B is stored in physical block A and encrypted using the PBA A of the physical block A as the tweak, so that regardless of which LBA (e.g., LBA A or LBA B) is used to subsequently access the physical block A, the tweak is known as PBA A. The datastore may then mark the physical block A as a “deduplicated” or “PBA-Encrypted” physical block. In some embodiments, the datastore may mark a group of the physical blocks as “deduplicated” or “PBA-Encrypted,” using a particular data structure (e.g., a segment usage table (SUT)), wherein the PBA of the physical blocks belonging to a segment is associated with a value (e.g., bit) indicating whether or not these physical blocks are “deduplicated” or “PBA-Encrypted”.

In some embodiments, a two-tier datastore (e.g., vSAN datastore) may manage each segment (or stripe, as will be described below, with reference to FIG. 5) of memory using a SUT (e.g., in an LFS storage system) associated with that segment. The SUT may be used to, among other things, keep track of space usage and live physical blocks in each segment, which may be needed by the segment cleaner (also called the garbage collector) for cleaning segments to be reused (e.g., to move live blocks of the segment to another segment and open up free space for a new full stripe write on the segment). In some embodiments, the SUT may include different entries (or records) for the physical blocks of the corresponding segment that keep information about the physical blocks of the segment. Additionally, the SUT may include the total number of live blocks in the segment, a pointer to the previous segment of blocks, and a pointer to the next segment of blocks (among other information). In general, SUT is a data structure that contains information about each segment (or stripe) which can be used during deduplication and/or garbage collection operations performed on each segment of data blocks. In some embodiments, the SUT may be indexed by the PBAs associated with the physical blocks of the segment. For example, data associated with a particular physical block of a segment may be kept at an index in the SUT that is associated with the PBA of the particular physical block.

In some embodiments, in each record associated with a physical block of a segment (or at a particular section of SUT indicated by an index corresponding to the physical block), the SUT may include an additional field or flag (e.g., a one-bit field) that indicates whether the corresponding block is “PBA-Encrypted” or not. For example, during the deduplication process, once a physical block is deduplicated, the datastore may set the flag (e.g., set the flag bit to “1”) associated with the physical block to mark the block as a “PBA-Encrypted” block. This way, the datastore knows whether each block of a segment is encrypted using the LBA, or PBA, associated with the block, as the tweak. As a result, when data movement or unencrypted data is subsequently needed (e.g., during a segment cleaning, resyncing data, or a read process), the datastore knows which tweak (e.g., LBA or PBA) associated with each block should be used to encrypt (or decrypt) the data in that block.

Some embodiments may encrypt the data received in the data blocks using the LBAs as the tweak (as described above) and store the encrypted data as an entry of a data log of the MetaObj maintained in the performance tier. Some embodiments, may calculate a hash for the data in the data block and compress the data before encrypting and storing the encrypted compressed data in the data log. Some embodiments may also write the encrypted data to one or more physical memories (e.g., of one or more host machines of the hosting system), such as random access memory (RAM). Once the data stored in the physical memory reaches a threshold size, some embodiments may flush the data stored in the physical memory to the CapObj in the capacity tier. In some embodiments, the threshold size may be equal to the size of a full stripe (or segment) that may include several data blocks spread across one or more physical disks of one or more host machines.

By encrypting the data only once before writing the data to the data log, and later as a full stripe to the CapObj, some embodiments may reduce the CPU cost of the hosting system significantly, because, for example, no additional decryption and/or re-encryption of the data is required during the data transfer between the different layers of the data store. Furthermore, where the data may be compressed before the encryption, less data may be written to the data log, and each mirrored disk (e.g., in a three-way mirroring RAID) may receive and store compressed data, instead of compressing the data individually on each separate disk (after the decompressed mirrored data is saved to the individual disks).

FIG. 1 is a diagram illustrating an example computing environment 100 in which embodiments of the present application may be practiced. As shown, computing environment 100 includes a distributed object-based datastore, such as a software-based “virtual storage area network” (vSAN) environment that leverages the commodity local storage housed in or directly attached (hereinafter, use of the term “housed” or “housed in” may be used to encompass both housed in, or otherwise directly attached) to host machines/servers or nodes 111 of a cluster 110 to provide an aggregate object store 116 to virtual machines (VMs) 112 running on the nodes. The local commodity storage housed in the nodes 111 may include combinations of solid state drives (SSDs) or non-volatile memory express (NVMe) drives 117, magnetic or spinning disks or slower/cheaper SSDs 118, or other types of storages.

In certain embodiments, SSDs 117 serve as a read cache and/or write buffer (e.g., in the performance tier) in front of magnetic disks or slower/cheaper SSDs 118 (e.g., in the capacity tier) to enhance the I/O performance. In certain other embodiments, both performance and capacity tiers may leverage the same type of storage (e.g., SSDs) for storing the data and performing the read/write operations. Additionally, it should be noted that SSDs 117 may include different types of SSDs that may be used in different layers (tiers) in some embodiments. For example, in some embodiments, the data in the performance tier may be written on a single-level cell (SLC) type of SSD, while the capacity tier may use a quad-level cell (QLC) type of SSD for storing the data.

As further discussed below, each node 111 may include a storage management module (referred to herein as a “vSAN module”) in order to automate storage management workflows (e.g., create objects in the object store, etc.) and provide access to objects in the object store (e.g., handle I/O operations on objects in the object store, etc.) based on predefined storage policies specified for objects in the object store. For example, because a VM may be initially configured by an administrator to have specific storage requirements for its “virtual disk” depending on its intended use (e.g., capacity, availability, input/output operations per second (IOPS), etc.), the administrator may define a storage profile or policy for each VM specifying such availability, capacity, IOPS and the like. As further described below, the vSAN module may then create an “object” for the specified virtual disk by backing it with physical storage resources of the object store based on the defined policy.

A virtualization management platform 105 is associated with cluster 110 of nodes 111. Virtualization management platform 105 enables an administrator to manage the configuration and spawning of VMs on the various nodes 111. As depicted in the embodiment of FIG. 1, each node 111 includes a virtualization layer or hypervisor 113, a vSAN module 114, and hardware 119 (which includes the SSDs 117 and magnetic disks 118 of a node 111). Through hypervisor 113, a node 111 is able to launch and run multiple VMs 112. Hypervisor 113, in part, manages hardware 119 to properly allocate computing resources (e.g., processing power, random access memory, etc.) for each VM 112. Furthermore, as described below, each hypervisor 113, through its corresponding vSAN module 114, may provide access to storage resources located in hardware 119 (e.g., SSDs 117 and magnetic disks 118) for use as storage for storage objects, such as virtual disks (or portions thereof) and other related files that may be accessed by any VM 112 residing in any of nodes 111 in cluster 110.

In one embodiment, vSAN module 114 may be implemented as a “vSAN” device driver within hypervisor 113. In such an embodiment, vSAN module 114 may provide access to a conceptual “vSAN” 115 through which an administrator can create a number of top-level “device” or namespace objects that are backed by object store 116. For example, during creation of a device object, the administrator may specify a particular file system for the device object (such device objects may also be referred to as “file system objects” hereinafter) such that, during a boot process, each hypervisor 113 in each node 111 may discover a/vsan/root node for a conceptual global namespace that is exposed by vSAN module 114. By accessing APIs exposed by vSAN module 114, hypervisor 113 may then determine all the top-level file system objects (or other types of top-level device objects) currently residing in vSAN 115.

When a VM (or other client) attempts to access one of the file system objects, hypervisor 113 may then dynamically “auto-mount” the file system object at that time. In certain embodiments, file system objects may further be periodically “auto-unmounted” when access to objects in the file system objects cease or are idle for a period of time. A file system object (e.g., /vsan/fs_name1, etc.) that is accessible through vSAN 115 may, for example, be implemented to emulate the semantics of a particular file system, such as a distributed (or clustered) virtual machine file system (VMFS) provided by VMware Inc. VMFS is designed to provide concurrency control among simultaneously accessing VMs. Because vSAN 115 supports multiple file system objects, it is able to provide storage resources through object store 116 without being confined by limitations of any particular clustered file system. For example, many clustered file systems may only scale to support a certain amount of nodes 111. By providing multiple top-level file system object support, vSAN 115 may overcome the scalability limitations of such clustered file systems.

As described in further detail in the context of FIG. 2 below, a file system object may, itself, provide access to a number of virtual disk descriptor files accessible by VMs 112 running in cluster 110. These virtual disk descriptor files may contain references to virtual disk “objects” that contain the actual data for the virtual disk and are separately backed by object store 116. A virtual disk object may itself be a hierarchical, “composite” object that is further composed of “component” objects (again separately backed by object store 116) that reflect the storage requirements (e.g., capacity, availability, IOPs, etc.) of a corresponding storage profile or policy generated by the administrator when initially creating the virtual disk. Each vSAN module 114 (through a cluster level object management or “CLOM” sub-module, in embodiments as further described below) may communicate with other vSAN modules 114 of other nodes 111 to create and maintain an in-memory metadata database (e.g., maintained separately but in synchronized fashion in the memory of each node 111) that may contain metadata describing the locations, configurations, policies, and relationships among the various objects stored in object store 116.

This in-memory metadata database is utilized by a vSAN module 114 on a node 111, for example, when a user (e.g., an administrator) first creates a virtual disk for a VM as well as when the VM is running and performing I/O operations (e.g., read or write) on the virtual disk. As further discussed below in the context of FIG. 3, vSAN module 114 (through a distributed object manager or “DOM” sub-module, in one embodiment) may traverse a hierarchy of objects using the metadata in the in-memory database in order to properly route an I/O operation request to the node (or nodes) that houses (house) the actual physical local storage that backs the portion of the virtual disk that is subject to the I/O operation.

In some embodiments, one or more nodes 111 of node cluster 110 may be located at a geographical site that is distinct from the geographical site where the rest of nodes 111 are located. For example, some nodes 111 of node cluster 110 may be located at building A while other nodes may be located at building B. In another example, the geographical sites may be more remote such that one geographical site is located in one city or country and the other geographical site is located in another city or country. In such embodiments, any communications (e.g., I/O operations) between the DOM sub-module of a node at one geographical site and the DOM sub-module of a node at the other remote geographical site may be performed through a network, such as a wide area network (“WAN”).

FIG. 2 is a diagram 201 illustrating an example hierarchical structure of objects organized within an object store 116 that represent a virtual disk, according to an example embodiment of the present application. As previously discussed above, a VM 112 running on one of nodes 111 may perform I/O operations on a virtual disk that is stored as a hierarchical composite object 200 in object store 116. Hypervisor 113 may provide VM 112 access to the virtual disk by interfacing with the abstraction of vSAN 115 through vSAN module 114 (e.g., by auto-mounting the top-level file system object 214 corresponding to the virtual disk object 200). For example, vSAN module 114, by querying its local copy of the in-memory metadata database, may be able to identify a particular file system object 205 (e.g., a VMFS file system object in one embodiment, etc.) stored in vSAN 115 that may store a descriptor file 210 for the virtual disk.

Descriptor file 210 may include a reference to composite object 200 that is separately stored in object store 116 and conceptually represents the virtual disk (and thus may also be sometimes referenced herein as a virtual disk object). Composite object 200 may store metadata describing a storage organization or configuration for the virtual disk (sometimes referred to herein as a virtual disk “blueprint”) that, in some embodiments, may suit the storage requirements or service level agreements (SLAs) in a corresponding storage profile or policy (e.g., capacity, availability, IOPs, etc.) generated by a user (e.g., an administrator) when creating the virtual disk.

Depending on the desired level of fault tolerance or performance efficiency, a virtual disk blueprint 215 may direct data corresponding to composite object 200 to be stored in the datastore in a variety of ways. FIG. 2 shows composite object 200 that includes a virtual disk blueprint 215 describing a RAID 1 configuration where two mirrored copies of the virtual disk (e.g., mirrors) are each further striped in a RAID 0 configuration. Data striping refers to segmenting logically sequential data, such as a virtual disk. Each stripe may contain a plurality of data blocks (e.g., DB1, DB2, DB3 in stripe 1 of composite object 400, as shown in FIG. 4). In some cases, as illustrated in FIG. 4, each stripe may also include one or more code blocks (e.g., RAID 5 or RAID 6). As shown, the stripes are then split vertically into different groups of blocks, referred to as chunks or columns, where each chunk is logically represented as a “leaf” or “component” object to which composite object 200 contains a reference. As will be described in more detail below, for example with reference to FIG. 5, a stripe, in some embodiments, may also refer to several data and code blocks situated on different rows (may also be called stripes in some embodiments) and columns (may also be called chunks), where each column is associated with a physical disk of a host machine.

The metadata accessible by vSAN module 114 in the in-memory metadata database for each component object 220 provides a mapping to, or otherwise identifies, a particular node 111 in cluster 110 that houses the physical storage resources (e.g., magnetic disks or slower/cheaper SSD 118, etc.) that actually store the chunk (as well as the location of the chunk within such physical resource).

FIG. 3 is a diagram 300 illustrating different components of a vSAN module, according to an example embodiment of the present application. As previously described, in certain embodiments, vSAN module 114 may execute as a device driver exposing an abstraction of a vSAN 115 to hypervisor 113. Various sub-modules of vSAN module 114 handle different responsibilities and may operate within either user space 315 or kernel space 320 depending on such responsibilities. As depicted in the embodiment of FIG. 3, vSAN module 114 includes a cluster level object manager (CLOM) sub-module 325 that operates in user space 315. CLOM sub-module 325 generates virtual disk blueprints during creation of a virtual disk by a user (e.g., an administrator) and ensures that objects created for such virtual disk blueprints are configured to meet storage profile or policy requirements set by the user. In addition to being accessed during object creation (e.g., for virtual disks), CLOM sub-module 325 may also be accessed (e.g., to dynamically revise or otherwise update a virtual disk blueprint or the mappings of the virtual disk blueprint to actual physical storage in object store 116) on a change made by a user to the storage profile or policy relating to an object or when changes to the cluster or workload result in an object being out of compliance with a current storage profile or policy.

In one embodiment, if a user creates a storage profile or policy for a composite object such as virtual disk object 200, CLOM sub-module 325 applies a variety of heuristics and/or distributed algorithms to generate virtual disk blueprint 215 that describes a configuration in cluster 110 that meets or otherwise suits the storage policy (e.g., RAID configuration to achieve desired redundancy through mirroring and access performance through striping, which nodes' local storage should store certain portions/partitions/chunks of the virtual disk to achieve load balancing, etc.). For example, CLOM sub-module 325, in one embodiment, may be responsible for generating blueprint 215 describing the RAID 1/RAID 0 configuration for virtual disk object 200 in FIG. 2 when the virtual disk was first created by the user. As previously discussed, a storage policy may specify requirements for capacity, IOPS, availability, and reliability. Storage policies may also specify a workload characterization (e.g., random or sequential access, I/O request size, cache size, expected cache hit ration, etc.).

Additionally, the user may also specify an affinity to vSAN module 114 to preferentially use certain nodes 111 (or the local disks housed therein). For example, when provisioning a new virtual disk for a VM, a user may generate a storage policy or profile for the virtual disk specifying that the virtual disk have a reserve capacity of 400 GB, a reservation of 150 read IOPS, a reservation of 300 write IOPS, and a desired availability of 99.99%. Upon receipt of the generated storage policy, CLOM sub-module 325 may consult the in-memory metadata database maintained by its vSAN module 114 to determine the current state of cluster 110 in order to generate a virtual disk blueprint for a composite object (e.g., the virtual disk object) that suits the generated storage policy. As further discussed below, CLOM sub-module 325 may then communicate the blueprint to its corresponding distributed object manager (DOM) sub-module 340, for example, through zDOM sub-module 360. The DOM sub-module 340 may interact with object store 116 to implement the blueprint by, for example, allocating or otherwise mapping component objects (e.g., chunks) of the composite object to physical storage locations within various nodes 111 of cluster 110.

In some embodiments, as will be described in more detail below, zDOM sub-module 360 may instruct the DOM module 340 to preliminarily store the data received from the higher layers (e.g., from a VM) in a separate log object on persistent media and a physical memory (e.g., a bank). Once the size of the stored data in the bank reaches a threshold size (e.g., a stripe size), zDOM sub-module 360 may instruct the DOM module to flush the data stored in the bank onto one or more disks (e.g., of one or more host machines). zDOM sub-module 360 may do this full stripe writing to minimize the write amplification effect, as described in more detail below, with reference to FIG. 5. In some embodiments, as described below, zDOM sub-module 360 may also perform datastore procedures, such as data encryption, hash calculation, checksum calculation, data compression, and other datastore operations such that to decrease the CPU cost and network and disk write bandwidth.

In addition to CLOM sub-module 325 and DOM sub-module 340, as further depicted in FIG. 3, vSAN module 114 may also include a cluster monitoring, membership, and directory services (CMMDS) sub-module 335 that maintains the previously discussed in-memory metadata database to provide information on the state of cluster 110 to other sub-modules of vSAN module 114 and also tracks the general “health” of cluster 110 by monitoring the status, accessibility, and visibility of each node 111 in cluster 110. The in-memory metadata database may serve as a directory service that maintains a physical inventory of the vSAN environment, such as the various nodes 111, the storage resources in the nodes 111 (SSD, NVMe drives, magnetic disks, etc.) housed therein and the characteristics/capabilities thereof, the current state of the nodes 111 and their corresponding storage resources, network paths among the nodes 111, and the like.

As previously discussed, in addition to maintaining a physical inventory, the in-memory metadata database may further provide a catalog of metadata for objects stored in object store 116 (e.g., what composite and component objects exist, what component objects belong to what composite objects, which nodes serve as “coordinators” or “owners” that control access to which objects, quality of service requirements for each object, object configurations, the mapping of objects to physical storage locations, etc.). As previously discussed, other sub-modules within vSAN module 114 may access CMMDS sub-module 335 (represented by the connecting lines in FIG. 3) for updates to learn of changes in cluster topology and object configurations.

For example, as previously discussed, during virtual disk creation, CLOM sub-module 325 may access the in-memory metadata database to generate a virtual disk blueprint, and in order to handle an I/O operation from a running VM 112, DOM sub-module 340 may access the in-memory metadata database to determine the nodes 111 that store the component objects (e.g., chunks) of a corresponding composite object (e.g., virtual disk object) and the paths by which those nodes are reachable in order to satisfy the I/O operation. In some embodiments, some or all of the metadata catalog (e.g., the mapping of the object to physical storage locations, etc.) may be stored with the virtual disk object 200 in the object store 116.

As previously discussed, DOM sub-module 340, during the handling of I/O operations as well as during object creation, may control access to, and may handle operations on, those component objects in object store 116 that are stored in the local storage of the particular node 111 in which DOM sub-module 340 runs as well as certain other composite objects for which its node 111 has been currently designated as the “coordinator” or “owner.” For example, when handling an I/O operation from a VM, due to the hierarchical nature of composite objects in certain embodiments, a DOM sub-module 340 that serves as the coordinator for the target composite object (e.g., the virtual disk object that is subject to the I/O operation) may need to further communicate across the network (e.g., local area network (LAN), or WAN) with a different DOM sub-module 340 in a second node 111 (or nodes) that serves as the coordinator for the particular component object (e.g., chunk, etc.) of the virtual disk object that is stored in the local storage of the second node 111 (or nodes) and which is the portion of the virtual disk that is subject to the I/O operation.

If the VM issuing the I/O operation resides on a node 111 that is also different from the coordinator of the virtual disk object, the DOM sub-module 340 of the node running the VM may also have to communicate across the network (e.g., LAN or WAN) with the DOM sub-module 340 of the coordinator. In certain embodiments, if the VM issuing the I/O operation resides on a node that is different from the coordinator of the virtual disk object subject to the I/O operation, the two DOM sub-modules 340 of the two nodes may communicate to change the role of the coordinator of the virtual disk object to the node running the VM (e.g., thereby reducing the amount of network communication needed to coordinate I/O operations between the node running the VM and the node serving as the coordinator for the virtual disk object).

DOM sub-modules 340 may also similarly communicate amongst one another during object creation (and/or modification). For example, a virtual disk blueprint generated by CLOM module 325 during creation of a virtual disk may include information that designate which nodes 111 should serve as the coordinators for the virtual disk object, as well as its corresponding component objects. The DOM sub-modules 340 for such designated nodes may be issued requests (e.g., by the DOM sub-module 340 designated as the coordinator for the virtual disk object or by the DOM sub-module 340 of the node generating the virtual disk blueprint, etc. depending on embodiments) to create their respective objects, allocate local storage to such objects (if needed), and advertise their objects to their corresponding CMMDS sub-module 335 in order to update the in-memory metadata database with metadata regarding the object. In order to perform such requests, DOM sub-module 340 may interact with a local storage object manager (LSOM) sub-module 350 that serves as the component in vSAN module 114 that may actually drive communication with the local SSDs and magnetic disks of its node 111. In addition to allocating local storage for component objects (as well as storing other metadata, such as policies and configurations for composite objects for which its node serves as coordinator, etc.), LSOM sub-module 350 may additionally monitor the flow of I/O operations to the local storage of its node 111, for example, to report whether a storage resource is congested.

FIG. 3 also depicts a reliable datagram transport (RDT) sub-module 345 that delivers datagrams of arbitrary size between logical endpoints (e.g., nodes, objects, etc.), where the endpoints may potentially be over multiple paths. In one embodiment, the underlying transport is TCP. Alternatively, other transports such as RDMA may be used. RDT sub-module 345 may be used, for example, when DOM sub-modules 340 communicate with one another, as previously discussed above, to create objects or to handle I/O operations. In certain embodiments, RDT module 345 may interact with CMMDS module 335 to resolve the address of logical endpoints dynamically in order to maintain up-to-date location information in the in-memory metadata database, as well as to create, remove, or reestablish connections based on link health status. For example, if CMMDS module 335 reports a link as unhealthy, RDT sub-module 345 may drop the connection in favor of a link in better condition.

In some cases, one or more nodes 111 within node cluster 110 may fail or go offline, resulting in a loss of the data and/or code blocks stored by such nodes. In such cases, the distributed storage system or vSAN environment 100 may have to be able to tolerate such a failure and efficiently reconstruct the missing data blocks. In some other cases, a node 111 may go offline temporarily and then come back online resulting in some out-of-sync data blocks. To address such cases, the distributed storage system may be configured with fault tolerance technologies to resync such out-of-sync data and/or code blocks. Accordingly, to increase performance efficiency and fault tolerance, distributed storage systems (e.g., vSAN environment 100) may implement a variety of fault tolerance technologies, such as the various levels of RAID and/or erasure coding, etc. As described above in relation to FIG. 2, depending on the required level of performance and fault tolerance, virtual disk blueprint 215 may direct composite object 200 to be distributed in one of several ways. In some embodiments, one or a combination of RAID levels (e.g. RAID 0 to RAID 6) may be used, where each RAID level or a combination thereof may provide a different level of fault tolerance and performance enhancement.

Referring back to FIG. 2, for example, FIG. 2 illustrates an example of the application of RAID 1, which entails creating a replica of composite object 200. This is to ensure that a second copy (e.g., branch object 200 b) of composite object 200 is still available if a first copy (e.g., branch object 200 a) is lost due to some sort of failure (e.g. disk failure etc.). In some embodiments, some objects may require a more robust fault tolerance system (e.g., depending on their level of importance). For example, in one embodiment, the vSAN datastore may store the metadata object (in the performance tier) in a three-way mirror format (e.g., on at least three different disks).

In addition to RAID 1, FIG. 2 also illustrates the application of RAID 0 to the two copies of composite object 200 (branch object 200 a and branch object 200 b, created as a result of RAID 1). Under RAID 0, each copy of composite object 200 may be partitioned into smaller data stripes, where each stripe is further segmented into a number of data blocks (e.g., DB1, DB2, DB3, in the first stripe, and DB4, DB5, DB6, in the second stripe) and distributed across local storage resources of various nodes in the datastore. In some cases, striping a copy of composite object 200 over local storage resources of various nodes may enhance performance as compared to storing the entire copy of composite object 200 in a single node. This is because striping the data means that smaller amounts of data are written to or read from local storage resources of multiple nodes in parallel, thereby reducing the amount of time to complete a particular read or write operation. However, multiplying the number of nodes used to store the various chunks of data may increase the probability of failure, and thus data loss.

To achieve an even higher level of fault tolerance with much less space usage than RAID 1, erasure coding is applied in some embodiments. Erasure coding (EC) is a method of data protection in which each copy of composite object 200 is partitioned into stripes, expanded and encoded with redundant data pieces, and stored across different nodes of the datastore. For example, a copy of composite object 200 is organized or partitioned into stripes, each of which is broken up into N equal-sized data blocks. Erasure codes are then used to encode an additional M equal-sized code block(s) (interchangeably referred to as “parity blocks”) from the original N data blocks, where N is a larger number than M.

The M equal-sized code block(s) then provide fault tolerance and enable reconstruction of one or more lost data blocks in the same stripe should one or more of the underlying nodes fail. More specifically, each code block includes parity values computed from the N data blocks in the same stripe using an erasure coding algorithm. An application of an exclusive OR (i.e., XOR) operation to the N data blocks of the stripe, for computing a code block, is one example of applying an erasure coding algorithm, in which case the computed code block contains the XOR of data corresponding to the N data blocks in the stripe. In such an example, if one of the N data blocks is lost due a failure of its underlying node, the datastore object may be able to be reconstructed by performing an XOR operation of the remaining data blocks as well as the computed code block(s) in the same stripe. Depending on the level of fault tolerance desired, different erasure codes are applied in creating the one or more M code blocks. RAID 5 and RAID 6 are common examples of applying erasure coding and RAID 6 is used for the example embodiments described below, with reference to FIG. 5. In RAID 5, an exclusive OR (i.e. XOR) operation is performed on multiple data blocks to compute a single parity block. An example of the application of RAID 5 in a distributed storage system is illustrated in FIG. 4.

FIG. 4 is a diagram 400 illustrating composite objects of the vSAN being erasure coded and partitioned into multiple stripes, according to an example embodiment of the present application. More specifically, FIG. 4 shows each copy of composite object 400 (i.e., branch object 400 a and branch object 400 b) being erasure coded with a 3+1 ratio, such that each copy is partitioned into multiple stripes (e.g. stripes 1A-NA, stripes 1B-NB), where each stripe is further broken up into 3 data blocks (N) and 1 code block (M). As shown, the stripes are then split vertically into different groups of blocks, referred to as chunks, where each chunk is logically represented as a component object (e.g., component object 420 a) to which composite object 400 contains a reference. As described above, the metadata for each component object then provides a mapping to or otherwise identifies a particular node 111 that has been selected for storing the chunk of blocks corresponding to the component object. Accordingly, each chunk of composite object 400 is stored in a different node (e.g. node 111 a through node 111 f) based on the mapping of its corresponding component object to the node.

The (3+1) EC ratio, described above, is merely an example and is not intended to limit the scope of the present disclosure. For example, under RAID 5, a smaller or larger number of data blocks, such as 2, 4, 5 or 6 or 10 data blocks, may be used to generate a single code block, resulting in EC ratios of (2+1), (4+1), (5+1), (6+1), or (10+1), etc., respectively. In addition, in some embodiments, each data or code block includes 1 MB of data such that each data stripe comprises 3 MB of data. In other embodiments, the data or code blocks may have other sizes, ranging from 0.1 MB to 10 GB, or higher.

As discussed above, some embodiments may compress and encrypt the data received in the data blocks, generate metadata that describes the compressed data, and store the encrypted compressed data and the associated metadata in the performance tier (e.g., in the MetaObj), as data logs. Some such embodiments may also write the encrypted compressed data to a bank which may include one or more physical memories (e.g., of one or more host machines of the hosting system), such as random access memory (RAM). When the data stored in the bank reaches a threshold size, some embodiments may flush the data stored in the bank to the CapObj in the capacity tier. In some embodiments, the threshold size may be equal to the size of a stripe (or segment) that may include several data blocks spread across one or more physical disks of one or more host machines.

In some embodiments, the I/O pattern applied to the MetaObj may be three-way mirroring RAID 1, while the I/O pattern applied to the CapObj may be erasure coding 4+2 RAID 6 having two parity disks. In other words, the performance tier may use a RAID 1 system in some embodiments, while the capacity tier may use a RAID 6 system for storing the data received in the data blocks.

FIG. 5 is a diagram 500 illustrating an example segment of blocks with two parity columns for a RAID 6 storage, according to an example embodiment of the present disclosure. Specifically, FIG. 5 shows a segment (or stripe) 510 including 6 different columns (e.g., A, B, C, D, P, Q) that are associated with 6 different disks participating in a 4 (data disks)+2 (parity disks) RAID 6. In some embodiments, stripe 510, as shown in the figure, may include a rectangle set of blocks in which four of the columns (e.g., columns A, B, C, and D) may include the data blocks (e.g., blocks 0 to 31) and two of the columns (e.g., columns P and Q) may include the parity/code blocks (e.g., blocks P₀ to P₇ and Q₀ to Q₇) in the RAID 6.

In some embodiments, stripe width 540 may be equal to the number of data disks (e.g., 4 in the illustrated example), while stripe size 530 may be equal to the number of consecutive blocks that are on the same disk (or column, or chunk) before they resume on the next disk (e.g., 8 in the illustrated example). Although in the illustrated example the stripe size is 8 blocks (8×4 kilobytes (KB)=32 KB), the stripe size in some embodiments may reach 1 megabytes (MB) or other values. In some embodiments, the stripe size may be user defined. That is, a user (e.g., an admin) of the datastore may have the option to change the stripe size. Additionally, even though, in the illustrated example, stripe 510 includes all the blocks shown in the figure, a stripe may be as small as covering only the blocks of a row, such as stripe 520.

It should be noted that, in some embodiments, the parity blocks (e.g., in columns P and Q) may rotate to a different disk in the next stripe (not shown in this figure) to ensure the parity disks do not become a bottleneck. Although, as will be described in more detail below, for a full stripe write, the parity rotation may not be as useful as it is for other types of writes (e.g., partial stripe writes). In fact, in some embodiments, when the stripe size is set to be the size of a disk, the parity blocks may not need to be rotated.

In datastores, a write operation (e.g., anytime a block is written) may cause write amplification. The write amplification may differ in different types of writes (e.g., small partial stripe writes, large partial stripe writes, and full stripe writes). In a small partial stripe write, the old content of the to-be-written blocks and parity blocks may be read in order to calculate the new parity blocks, and then the new blocks and the parity blocks may be written. In the illustrated example, if a write on block 8 (i.e., the first block in column/disk B) is required, the datastore may have to read blocks 8, P₀ and Q₀, and then write the same three blocks. That is, 3 reads and 3 writes may be required which may result in a write amplification of 3 and a network roundtrip of 2.

For a large partial stripe write, the untouched blocks (e.g., blocks that are not needed to be written) in the stripe may be read in order to calculate the new parity blocks, and then the new blocks and the new parity blocks may be written. In the illustrated example, if writes on blocks 3 and 11 (i.e., the fourth blocks in columns A and B) are required, the datastore may have to read blocks 19 and 27, and then write blocks 3 and 11, as well as the parity blocks P₃ and Q₃. That is, 2 reads and 4 writes may be required which may result in a write amplification of 2 and a network roundtrip of 2.

For a full stripe write, however, the datastore may need to only calculate the new parity blocks (e.g., based on the new blocks that need to be written), and then write the new blocks and the new parity blocks. In the illustrated example, for a full stripe write, the datastore does not need to read any of the blocks and may only calculate the parity blocks for the to-be-written blocks 0-31, and then write all of the data blocks and the calculated parity blocks. That is, no read and 48 writes may be required which may result in a write amplification of 1.5 and a network roundtrip of 1.

As can be seen from the above described examples, a full stripe write may result in the smallest write amplification and network roundtrip. In fact, the bigger the size of a stripe, the more efficient the write operation may become compared to the partial stripe write.

FIG. 6 is a diagram 600 illustrating a datastore module receiving a data block from a VM and storing the data in the MetaObj, CapObj, and memory of a hosting system, according to an example embodiment of the present disclosure. In some embodiments, the datastore module may be a vSAN module, such as vSAN module 114, as described above with reference to FIGS. 1-3. In some embodiments, the datastore module may include a zDOM submodule, such as sub-module 360 (illustrated in FIG. 3) that receives a first set of data from a DOM client module and after performing different datastore procedures (e.g., checksum and hash calculation, data compression, data encryption, etc.) on the received data, sends a second set of data to a DOM owner module (e.g., to write to the performance and capacity layers).

In some embodiments, zDOM module 620 may be responsible for caching the received data and writing the cached data as full stipes on one or more disks. In some embodiments, zDOM module 620 may also perform other datastore procedures, such as data encryption, data compression, and hash calculation, which may result in substantial improvements, for example, in garbage collection, deduplication, snapshotting, etc. (some of which may be performed locally by an LSOM submodule, such as LSOM submodule 350, with reference to FIG. 3).

As shown in FIG. 6, zDOM module 620 may receive a data block from VM 610 to be stored on one or more disks of one or more host machines of a hosting system. The data block may be associated with a zDOM object (e.g., a virtual disk) having an object ID (e.g., 0, 1, 2, etc.). The zDOM object may be assigned a zDOM logical block address (LBA), which is in an address space known to the zDOM module to address the blocks of data. The zDOM module 620 may translate this LBA to a physical block address (PBA) which is the same as the LBA of a DOM object (e.g., managed by DOM owner module 630 one layer below). The DOM module may translate the LBA of the data block to a disk group ID, a component ID, and a component offset. As described above, a component may be similar to a file stored on a disk of a host machine and may be managed by an LSOM module which supports the log-structured file system (LFS) architecture and its several features, such as data deduplication and garbage collection. The LSOM module may translate the component offset to a pair of <disk ID, disk offset (also known as PBA)>. The PBA may be in an address space known to the physical disk to address the blocks of data.

In some embodiments, zDOM module 620 may perform some datastore procedures, such as data-at-rest encryption, hash calculation, and data compression on the received data. For example, zDOM module 620 may perform data encryption on data received in the data blocks using an LBA assigned to each data block as a tweak (e.g., in an XTS-AES encryption algorithm). In some embodiments, zDOM module 620 may use a combination of <LBA, object ID> associated with each data block as a tweak to encrypt the data in the data block. The object ID, as described above, may be a number (e.g., 0, 1, 2, 3, etc.) that is uniquely assigned to each zDOM object, such as a virtual disk. In some embodiments, the datastore may use a combination of <LBA, object ID> as the tweak to avoid having the same tweak for two data blocks (e.g., in two different clusters) that have the same LBA and identical data. In some embodiments, a combination of LBA and object ID may include an object ID concatenated to the end of the LBA (or vice versa).

In some embodiments, before encrypting (or compressing) the received data, zDOM module 620 may calculate a hash value for the clear data in the data block and save the hash value as metadata associated with the data block to a data log maintained in MetaObj 640. In some embodiments, zDOM module 620 may further compress the data in the received data block into a set of one or more sectors (e.g., each sector being 512-byte) before encrypting the compressed data, and write the set of encrypted compressed sectors, as well as metadata about the data block (e.g., the calculated hash, the compressed sectors' sizes, snapshot ID, block numbers, checksum of blocks, transaction ID, etc.) to the data log.

In some embodiments, vSAN module 114 (e.g., or zDOM module 620, as part of the vSAN module) may maintain a data log in the MetaObj which may include a set of one or more records, each having a header and a payload for saving, respectively, the metadata and its associated data (e.g., the set of encrypted compressed sectors). More detail about the data log may be found below, with reference to FIG. 9. In some embodiments, zDOM module 620 may use 3-way mirroring RAID 1 format for writing the data to MetaObj 640.

After the data (e.g., the encrypted compressed sectors) and the associated metadata that include the calculated hash and other metadata are written to the MetaObj 640 successfully, zDOM module 620 may send an acknowledgement to VM 610 letting the VM know that the received data block is successfully stored. As discussed above, the data received (and modified) by zDOM module 620 may also be written to an in-memory bank 650 (e.g., concurrently with the data log) for handling a full stripe write. In some embodiments, when the bank is full (e.g., reaches a threshold capacity that satisfies the full stripe write), the data in the bank may be flushed to CapObj 660. That is, the stored data in bank 650 may be written sequentially on a full stripe (e.g., the whole segment 510, or stripe 520, as shown in FIG. 5, depending on the full stripe size). In some embodiments, zDOM module 620 may use a 4+2 RAID 6 format for writing the data to CapObj 660.

The data flushing may occur, while a new bank (not shown in the FIG. 6) is allocated to accept new writes from zDOM module 620. The number of banks, in some embodiments, may be indicative of how many concurrent writes may happen on a single MetaObj. For example, in one embodiments, with a per disk write size of 128 KB and a stripe width of 4, each bank may have a size of 768 KB (e.g., 512 KB for data and 256 KB for parity blocks) for a full stripe write, and a total size of 1.5 MB memory (e.g., two banks) may be assigned per MetaObj. After flushing the in-memory bank 650, zDOM module 620 may release (or delete) the associated records of the flushed memory in the data log. This is because when the data stored in the bank is written to the CapObj, the data is in fact stored on one or more physical disks (in the capacity tier) and there is no more need for storing (or keeping) the same data in the data log of the MetaObj (in the performance tier). Consequently, more free space may be created in the data log for receiving new data (e.g., from zDOM module 620).

FIG. 7 is a diagram 700 illustrating the relationship between logical objects, such as MetaObj, CapObj and in-memory bank, with physical entities of a hosting system, according to an example embodiment of the present disclosure. Specifically, FIG. 7 shows how data written by zDOM module 620 to logical objects Bank 650, CapObj 660, and MetaObj 640, are stored on different physical memories and disks of at least two different host machines (or nodes) 701 and 702 of a hosting system.

As shown in FIG. 7, each host machine 701 or 702 may include at least a physical memory 750, as well as at least a physical disk 760. Additionally, in some embodiments, a physical disk 760 may be divided into a cache segment and a capacity segment. Cache segment of physical disk 760 may include at least one fast SSD 770 for holding the data written to MetaObj 640. Capacity segment of physical disk 760 may include at least a group of fast SSDs and/or slower TLCs, QLCs, or other types of SSDs 780, for holding the data written to CapObj 660. As such, access to data stored in the cache (e.g., the data log) segment (or the performance tier) may be substantially faster than access to data stored in the capacity segment (or the capacity tier). Some embodiments may use QLC storage in the capacity tier for full stripe writes simply because the write bandwidth in a QLC type of storage may be substantially lower than the read bandwidth (e.g., 400 MB/s to 2200 MB/s) and a QLC storage may be randomly written with 64 KB, or even 128 KB write without causing write amplifications. These attributes make QLC storages a very desirable candidate for a full stripe write which requires a big volume of data being written to the storage at once. Full stripe write also benefits TLC and other types of SSDs because it has lower write amplification. Lastly, as shown in FIG. 7, physical memories 750 (e.g., RAMs) may contain the data written to Bank 650.

In order to write full stripe (or full segment), the vSAN module of some embodiments may write the data stored in the bank on sequential blocks of a stripe. For example, with reference to FIG. 5, if data is required to be written to blocks 4, 13, 14, and 23, the vSAN module may write the data to block 1, 9, 17, and 25, instead (e.g., when a full stripe size is defined to be the size of stripe 520). In order to always write to sequential blocks, as described above, some embodiments may translate the PBAs associated with DOM client objects to LBAs associated with zDOM objects, and then translate the LBAs of the zDOM objects to the PBAs of the DOM owner objects. In other words, the zDOM module LBAs' may map to PBAs that are the same as LBAs of the DOM module functioning beneath the zDOM module. As such, notwithstanding what the LBAs of a write process are, the PBAs (e.g., on the physical disks) may always be continuous for the full stripe write.

As described above, the vSAN module may encrypt the data of the received data blocks (e.g., after compressing the data into sectors) and temporarily store the encrypted compressed sectors in an in-memory bank. For example, the vSAN module may compress the data received in a first data block into five different sectors and compress the data received in a second data block into seven different sectors before encrypting the first and second blocks. The vSAN module of some embodiments may record the sizes of the compressed sectors in a logical map. In some embodiments, the logical map may include an LBA to PBA mapping table for determining the real PBAs and the sizes of the sectors stored in the physical blocks. The mapping table, in some embodiments, may include, for each LBA, a corresponding PBA, the number of blocks including the sectors, and the sizes of each block (e.g., the number of sectors in each block).

For example, the vSAN module may store in the logical map a record for an LBA L10, where the corresponding PBA is P200, the number of blocks is 4, and the sizes of the four blocks are 5 sectors, 2 sectors, 8 sectors, and 7 sectors, respectively. If the vSAN module is later required to determine to which PBA the LBA L12 is mapped, by looking at the logical map, the vSAN module may easily determine that the corresponding PBA for LBA L12 may start seven sectors after P200 for eight sectors. This is because L12 is 2 blocks after L10 and as the map indicates, the first two blocks after L10 include a total of seven sectors. Therefore, L12 starts at a physical address that is 7 sectors after P200.

In some embodiments, as will be described in more detail below, during a deduplication process, two or more LBAs in the logical map may end up pointing to the same PBA of a physical block (e.g., as a result of deduplication of disk segments). In some such embodiments, when an encrypted data block is deduplicated (e.g., two or more LBAs associated with other blocks point to a PBA of the encrypted block in the logical map), zDOM module 620 may decrypt the encrypted data in which the data block is stored using the LBA that was initially assigned to the data block as the tweak, and re-encrypt the decrypted data using a PBA of the physical block as a new tweak. zDOM module 620 may also mark the deduplicated physical block in which the data block is stored as a “PBA-Encrypted” or “deduplicated” physical block. This way, if later on, zDOM module 620, or any other module/process, wants to decrypt the data in the physical block, the module know which tweak (e.g., the LBA or PBA associated with the physical block) should be used such decryption.

FIG. 8 is a flowchart illustrating a method (or process) 800 for data encryption in a full stripe write, according to an example embodiment of the present application. The method 800 may be performed by a module such as vSAN module 114, as described in FIGS. 1-3 in some embodiments. In some other embodiments, the method may be performed by some other modules that reside in the hypervisor or outside of the hypervisor.

Process 800 may start, at 810, by receiving a data block to be written on at least one physical disk of a set of one or more physical disks associated with a set of one or more host machines. As described above, with reference to FIG. 6, the data block may be received from a (client) VM of a hosting system. Process 800 may then apply, at 820, an LBA assigned to the data block as a tweak to data indicative of the received data block and generate an encrypted data block. As discussed, the applied tweak may be a combination of the LBA of the block and an object ID associated with the object (e.g., part or all of the data of which is in the data block). For simplicity of the description though, in describing the tweaks above and below, only LBAs (and/or PBAs) are discussed as the tweaks. Otherwise, a combination of object ID and LBA/PBA may similarly be used as the tweak and such combination should be considered as being within the scope of the disclosure of the embodiments herein.

The data that is indicative of the received data block may be compressed data generated from data in the received data block in some embodiments. That is, as described above, the vSAN module may compress the data received in the data block (e.g., into one or more compressed sectors) before encrypting the compressed data.

Process 800 may then write, at 830, a first entry to a data log in a cache (disk), where the first entry of the data log may include a header and a payload. The header, in some embodiments, may include metadata about the corresponding payload (e.g., the sizes of the compressed sectors, LBAs/PBAs associated with the data blocks when the data blocks are received, for example, from a VM, etc.). The payload of the first entry may include the encrypted data block in some embodiments.

As described above, with reference to FIG. 7, the cache (disk) may include one or more physical disks to which the MetaObj that is maintained in the performance tier is mapped. Additionally, writing to the cache (or MetaObj) may include a 3-way mirroring write in which two other mirrored copies of the data in the payload (of the data log entry) may be written to multiple disks of multiple hosting machines.

FIG. 9 illustrates a data log of a MetaObj 900 that includes multiple entries, each entry having a header and a payload, according to an example embodiment of the present application. As illustrated in the figure, the data log in MetaObj 900 has multiple entries that are maintained in the cache (in the performance tier). Each entry in the data log, such as entry 910, may include a header 920 and a payload 930. Header 920 may include metadata that describes the data in payload 930, such as a hash value that is calculated for the data in the payload (e.g., before the data is compressed and encrypted), the sizes of compressed sectors in the corresponding payload, the LBAs assigned to each data block, etc. Payload 930, in some embodiments, may include the encrypted compressed data (e.g., in the one or more sectors).

When a data block with a size of 4 KB is received, without compressing the data, the vSAN module may have to write two 4 KBs to the MetaObj. This is because of the addition of the header that includes the metadata (even though the size of the header is very small) to the data log entry. With data compression, however, so far as the vSAN module is able to compress the received 4 KB data to seven or less sectors (considering the fact that each block may include 8 sectors), there may remain enough space to add the header to the compressed sectors, and as a result, the vSAN module may write only one 4 KB entry to the data log for each 4 KB data block the vSAN module receives.

Returning to FIG. 8, process 800 may write, at 840, the encrypted data block (e.g., the set of encrypted one or more compressed sectors) to at least one physical disk (e.g., as part of data blocks of a full strip write). As described above, for a full stripe write, the process may first write the data to a bank in memory. After writing the data to the bank, the process may determine whether a size of data (e.g., stored encrypted data) that includes the recently written data in the bank satisfies a threshold. The threshold, as described above, may be the size of a full stripe write to the CapObj in the capacity tier in some embodiments. If the process determines that the size of data in the bank has reached the threshold, the process may flush the bank to a set of one or more physical disks of a set of host machines (e.g., a full stripe write on stripe 520, with reference to FIG. 5 if the threshold size for a full stripe is defined to be the size of stripe 520, or a full stripe write on stripe 510 if the threshold size for a full stripe is defined to be the size of stripe 510). As a result of this full stripe write, the process may write the encrypted data block (received at 810), and stored in the bank, to a block of a physical disk among the set of physical disks. Process 800 may then end.

The specific operations of process 800 may not be performed in the exact order shown and described. Additionally, the specific operations may not be performed in one continuous series of operations, and different specific operations may be performed in different embodiments. For example, in some embodiments, before encrypting the data (at 820), the process may calculate a hash for the received data using a secure hash algorithm (SHA), such as SHA-256 or SHA-512/256. The generated hash, in some embodiments, may be added to the metadata stored in the header of the first entry along with other metadata, such as the LBA of the data block. Later, during the full stripe write, the process may store the hash value in a summary block on the same at least one physical disk (where the data is also written on a block). In other words, as described below, the summary block stored on each disk may be associated with the data blocks of the stripe that are stored on the same disk and may include some (or all) of the metadata associated with those data blocks, such as the hash values, tweaks (e.g., combinations of LBAs/PBAs and object IDs), etc., of those data blocks.

In some embodiments, in addition to flushing the bank, as a full stripe, to the CapObj, process 800 may also reserve some of the blocks of the stripe for saving some or all of the metadata related to each data block of the stripe. That is, in some embodiments, process 800 may write the data in the bank (e.g., the encrypted compressed data) to a set of data blocks of one or more disks, and at the same time, write a segment/stripe summary block to the set of disks.

In some embodiments, the segment summary block may include one or more summary blocks, each of which may be stored at one of the physical disks and may include metadata (e.g., the hash values, checksum values, compressed sectors' sizes, encryption tweaks, etc.) about the data blocks of the stripe written on that disk. In some embodiments, the segment summary block may be used for recycling (e.g., offline deduplication and garbage collection performed by a local LSOM module operating on each disk) or other datastore operations, such as checksum calculation, resyncing (or data repair), etc., without a need for decryption and/or decompression of the data stored on the disks.

FIG. 10 is a diagram 1000 illustrating a segment summary block for a full stripe write in a RAID 6 storage, according to an example embodiment of the present disclosure. Similar to the stripe shown in FIG. 5, FIG. 10 shows a stripe 1020 having 6 different columns (e.g., A, B, C, D, P, Q) associated with 6 different disks (e.g., of six different hosting machines or nodes) participating in a 4 (data disks)+2 (parity disks) RAID 6. As described above, each column 530 may represent a stripe size which is equal to the number of consecutive blocks that are on the same disk (or column, or chunk) before they resume on the next disk (e.g., 8 in the illustrated example). In some embodiments, the stripe may include a set of data blocks (e.g., data blocks 0-31) and a set of parity blocks (e.g., parity blocks P₀ to P₇ and Q₀ to Q₇) of the RAID 6. In some embodiments, each row 520 may also be considered as a stripe.

As described above, when a vSAN module writes a full stripe, the vSAN module may write some (or all) of the metadata (e.g., stored in the corresponding headers of the data log) to the segment summary block 1010, as shown in FIG. 10. For example, when the bank is full (e.g., when the bank reaches the stripe size threshold), the vSAN module may write the encrypted compressed blocks (e.g., sets of compressed sectors stored in the bank) 1 to 7 to blocks 0 to 6 of stripe 1020. The vSAN module may also write the metadata (e.g., the hash value, the compressed sizes of the sectors, tweaks, etc.) associated with each compressed block 0 to 6 to the summary block 7. That is, the vSAN module may write the metadata associated with each block of a column of the stripe to a summary block of the same column. As a result, each column of data blocks may have a summary block that is part of a segment summary block of the stripe (e.g., segment summary block 1010). Although shown as the last block of each column, in some embodiments, a summary block may be any other one of the blocks in the column, and may rotate in different stripes.

By having the segment summary block, the vSAN module may be able to determine whether the associated data blocks (e.g., containing the compressed sectors) are live or recyclable without decrypting and/or decompressing the compressed sectors in the blocks. For example, an LSOM sub-module of the vSAN module that resides on the same node that includes physical disk A may read the summary block 7 (e.g., during an offline garbage collection process) and without decrypting and/or decompressing the data blocks, based on the compression sizes of the sectors stored in the metadata of the summary block 7, determine that blocks 3 and 5 in column A include out-of-date data and can be recycled. For example, if the vSAN module determines that block 3 includes an LBA (e.g., based on the LBA of block 3 stored as metadata in summary block 7) that is mapped to a PBA outside the segment (e.g., pointing to a PBA in another segment), the vSAN module may mark block 3 as out-of-date and recyclable. The LSOM module may write the number of live blocks, along with other information, in a segment usage table (SUT) for later use. For example, after a recycling (or garbage collection) operation, the vSAN module may be able to determine the number of live blocks in the stripe (which is stored in the SUT), and if the determined number is less than a threshold, the vSAN module may move the live blocks to another segment to free up the whole stripe for future full stripe writes.

The summary blocks may also be used for other datastore processes, such as deduplication of the data blocks, checksum calculation of the data blocks, hash calculation of the data blocks, etc., without decryption and/or decompression of the corresponding data blocks. As one example, the vSAN module of some embodiments may calculate a cyclic redundancy check (CRC) for each data block the vSAN module receives. For example, with reference to FIG. 6, when zDOM module 620 receives a data block from the VM 610, in addition to encrypting and compressing the data in the data block, the zDOM module 620 may calculate the CRC for the data and generate a corresponding checksum for the compressed sectors. The zDOM module 620 may then store the checksum in the metadata created for the corresponding compressed sectors, which may be later added to the summary block of a disk where the compressed sectors are stored. As such, the vSAN module may determine the checksum for each block of a disk (e.g., blocks 0 to 6, with reference to FIG. 10) by simply retrieving the metadata from the summary block of the corresponding disk (e.g., the summary block 7) and without a need for decrypting (or decompressing) the encrypted (and compressed) data.

As another example, a vSAN module (e.g., a local LSOM sub-module of the vSAN module) may perform data deduplication on the data blocks stored on a disk (where the LSOM module resides or is being executed) without a need to decrypt (or decompress) the data blocks. For example, during a deduplication process, an LSOM module executing on a host machine may simply read the metadata of a summary block associated with a physical disk of the hosting machine and determine that two blocks include the same hash values. As discussed, the LSOM module may make such determination by merely looking at the hash values stored in the summary block and without decrypting the encrypted data in the two blocks. When the LSOM module determines that the two blocks have the same hash values, the LSOM module may add a pointer to one of the two blocks to point to a physical address of the other block (e.g., to the PBA associated with a physical block in which data of the other data block is stored). This way, two blocks that have the same hash values may point to the same physical disk (and therefore be deduplicated) without decrypting the blocks.

As further described below with reference to FIG. 11, the LSOM module may perform additional operations (e.g., additional decryption and re-encryption operations) when two or more blocks are determined to be duplicates of each other and may mark a deduplicated block (e.g., the physical block to which the other duplicate blocks are pointing) as “PBA-Encrypted” or “deduplicated” using the SUT in some embodiments.

As described above, by encrypting the data only once using LBAs as tweaks before writing the data to the data log, and later as a full stripe to the CapObj, some embodiments may reduce the CPU cost of the hosting system significantly, because, for example, no additional decryption and/or re-encryption of the data is required during the data transfer between the different layers of the data store. Additionally, during different datastore operations, such as garbage collection, data deduplication, etc., the datastore either does not decrypt the encrypted text, or perform only two more encryption/decryption operations on the deduplicated blocks, and thereby minimum CPU usage is required.

Additionally, by hashing the data in the data log before writing the data as full stripes to the CapObj, some embodiments may reduce the CPU cost of the hosting system significantly, because, for example, when every host machine in the hosting system performs a deduplication operation on its stored data blocks, the host machine does not have to calculate a hash value for each data block before comparing the hash values of the data blocks, thereby reducing the CPU cost of the host machine. Additionally, some embodiments may decrease the network bandwidth substantially when (remote) data replication is required. That is, since the hash values of the data blocks are stored in the summary blocks associated with the data blocks, only the hash values of the data blocks of two different sites (e.g., two different datacenters on two different locations) are compared to each other (instead of comparing the data blocks themselves) during a data replication operation.

For example, when data is required to be replicated at a remote datacenter, some embodiments may inquire the remote datacenter whether the same hash value for the to-be replicated data are stored at the remote datacenter. When the remote site has the same hash values, instead of having to send the real data of the data blocks, some such embodiments may only send the LBAs/PBAs of the data blocks to the remote site.

Furthermore, by compressing the data in the data log before writing the data as full stripes to the CapObj, some embodiments may reduce the CPU cost significantly, because, for example, less data may be written to the data log, and each mirrored disk may receive and store compressed data, instead of compressing the data individually on each separate disk (after the decompressed mirrored data is saved to the individual disks). Additionally, some embodiments may decrease the network bandwidth and disk I/O substantially, because, for example, less data needs to be transferred and/or exchanged between the different nodes of the hosting system that host the MetaObj and the CapObj.

FIG. 11 is a flowchart illustrating a method (or process) 1100 for data deduplication of a segment (or stipe) of stored data blocks, according to an example embodiment of the present application. The method 1100 may be performed by a module such as vSAN module 114, as described in FIGS. 1-3 in some embodiments, or a submodule of vSAN module, such as LSOM submodule 350, with reference to FIG. 3. In some other embodiments, the method may be performed by some other modules that reside in the hypervisor or outside of the hypervisor.

Process 1100 may start, at 1110, by reading a segment of stored data blocks. The segment or stripe may be similar to the segment 510 described above, with reference to FIG. 5. After reading the segment, process 1100 may identify, at 1120, two or more blocks that are duplicates of each other. For example, the process may identify a first physical block and a second physical block that store identical unencrypted data. Since the data stored in the physical blocks are encrypted, the process may make such determination by comparing the hashes of the blocks kept in the segment summary block (e.g., segment summary block 1010, with reference to FIG. 10) and if the hashes are the same, then the process knows that the two blocks are duplicates. The first and second physical blocks may be located on the same disk (e.g., of a host machine), in which case the hashes of the two blocks are stored in the same summary block of the segment summary block. Conversely, the first and second duplicate blocks may be located on two separate disks (e.g., of the same host machine or two different host machines), in which case the hashes of the two blocks are stored in two different summary blocks.

At 1130, process 1100 determines whether there is a first duplicate block (e.g., when operation 1130 is performed for the first time) or a next duplicate block (e.g., when operation 1130 is performed for a second or more times) identified in the segment. If no duplicate block is identified, the process may end. However, if at least two blocks are identified as duplicates, process 1100 performs, at 1140, a set of operations related to deduplication of the duplicate blocks. As an example of deduplication operations, as described above, process 1100 may change an LBA of the first duplicate block from pointing to a PBA of the first physical block to point to the PBA of a second physical block (or the reference block). As another example, process 1100 may update a back reference table to include the updated information about the first and second duplicate blocks. The back reference table, in some embodiments, contains information about which logical blocks point to the same physical block address. Some embodiments may use the information kept in the back reference table during data movements (e.g., when a physical block data is moved, the logical blocks pointing to the PBA of the physical block will be updated to point to the new physical address).

After performing the deduplication operations, process 1100 may determine, at 1150, whether the reference block (e.g., the physical block to which the pointer of the first duplicate block is changed) is marked as a “PBA-Encrypted” block. If the process determines that the reference block is marked as a “PBA-Encrypted” block, the process may read, at 1190, the next duplicate block in the segment identified at 1120 and proceed to 1130 to determine whether any duplicate block is left. For example, if at 1190 no additional duplicate block is read, process 1100 determines at 1130 that no more duplicate block is left and as such terminates.

When process 1100 determines that the reference block is not marked as a “PBA-Encrypted” block, the process may decrypt, at 1160, the encrypted data stored in the reference block using the LBA (and object ID) associated with the reference block as the tweak. The process may then re-encrypt, at 1170, the decrypted data of the duplicate block using the PBA (e.g., in combination with the object ID) associated with the reference block as the tweak. Although the object ID is not stored in the segment summary block, it may be set as an attribute of the component when the component was created for that object in some embodiments.

At 1180, process 1100 may mark the re-encrypted reference block as a “PBA-Encrypted” block and then, at 1190, read the next duplicate block (if any) of the duplicate blocks of the segment and proceed to 1130, which is described above. In some embodiments, the datastore may mark the data block as “PBA-Encrypted,” using the SUT. As described, a two-tier datastore (e.g., vSAN datastore) may manage each segment/stripe of memory using a SUT (e.g., in the LFS architecture) associated with that segment. The SUT may be used to, among other things, keep track of space usage and live blocks in each segment, which may be needed by the segment cleaner (also called the garbage collector) for cleaning segments to be reused (e.g., to move live blocks of the segment to another segment and open up free space for a new full stripe write on the segment). In some embodiments, the SUT may include different entries (or records) for the data blocks of the corresponding segment. In some other embodiments, the SUT may be indexed by the PBAs of the physical blocks of the segment with which the SUT is associated. The records (or sections indicated by indices) in the SUT may include information about the corresponding data blocks in the segment. Additionally, the SUT may include total number of live blocks, a pointer to the previous segment, and a pointer to the next segment (among other information).

In some embodiments, in each record associated with a data block of the segment, the SUT may include an additional field or flag (e.g., a one-bit field) that indicates whether the corresponding block is “PBA-Encrypted” or not. For example, during the deduplication process, once a data block is deduplicated, the datastore may set the flag (e.g., set the flag bit to “1”) associated with the reference block to mark the block as “PBA-Encrypted. This way, the datastore knows whether each block of a segment is encrypted using the LBA associated with the block as the tweak or the PBA associated with the block as the tweak. As a result, when data movement is subsequently needed (e.g., during segment cleaning, resyncing data, or a read process), the datastore knows which tweak (e.g., LBA or PBA) should be used to encrypt (or decrypt) the data in the block.

Marking the physical blocks in which the data blocks are stored as “PBA-Encrypted” or not (e.g., encrypted using the LBAs as tweaks) will help the datastore to know what tweak has to be used to decrypt/encrypt the data blocks in other datastore operations. FIG. 12 is a flowchart illustrating a method (or process) 1200 for an I/O operation performed on a data block stored on a disk, according to an example embodiment of the present application. The method 1200 may be performed by a module, such as vSAN module 114, as described in FIGS. 1-3 in some embodiments, or a submodule of vSAN module, such as LSOM submodule 350, with reference to FIG. 3. In some other embodiments, the method may be performed by some other modules that reside in the hypervisor or outside of the hypervisor.

Process 1200 may start, at 1210, by receiving a read request, for example, from a client VM for data stored in an encrypted data block. In response to the read request, where plain/clear text of data in the encrypted data block is needed, process 1200 has to know what tweak should be used to decrypt the encrypted data block. As such, after receiving the read request, process 1200 may determine, at 1220, whether the physical block storing the requested data block is marked as a “PBA-Encrypted” block or not. As described above, the process may make such a determination by simply looking at a flag bit kept in the SUT that is associated with the encrypted data block.

If process 1200 determines that the physical block storing the encrypted data block is not marked as a PBA-Encrypted block, the process may decrypt, at 1230, data in the physical block using the LBA associated with the data block. On the other hand, if process 1200 determines (at 1220) that the physical block storing the encrypted data block is marked as a PBA-Encrypted data block, the process may decrypt, at 1240, the data in the physical block using the PBA associated with the block. The process then returns, at 1250, the decrypted data to the requestor (e.g., the client VM). In some embodiments, the process may first decompress the decrypted data and then return, at 1250, the decompressed and decrypted data (e.g., the plain/clear text) to the requestor. The process may then end.

It should be noted that the read request may not just correspond to a single encrypted data block, as described above with reference to FIG. 12, and may be processed by two or more submodules of the vSAN module. For example, in some embodiments, the zDOM module may receive the read request and after performing a set of operations in combination with the LSOM module, may return the decrypted data to the client VM.

For example, when the zDOM module receives a read request, the request may include different parameters, such as the object ID, the LBA, and the number of blocks to be read. The zDOM module may translate the LBA to a DOM LBA and then translate the DOM LBA to a set of data block IDs, component LBAs, and number of blocks to be read. The zDOM module may determine, for each combination of component ID, component LBA, and number of blocks, which host owns the component ID. After making this determination, the zDOM module may send a read request to the LSOM module of the identified disk. The read request may include, in some embodiments, the component ID, component LBA, and number of blocks, as the set of parameters. The LSOM module may receive this request and send (as described below) either encrypted data blocks or decrypted data blocks back to the zDOM module depending on whether the data blocks are marked as “PBA-Encrypted” or not. After receiving the data blocks, the zDOM module may decrypt the data blocks (e.g., those data blocks that are not decrypted by the LSOM module) using the LBA of the encrypted data blocks as the tweak. The zDOM module may then decompress the decrypted data and return the plain text to the client VM.

After receiving the read request from the zDOM module, the LSOM module may translate the component ID to a disk ID (or the object ID) and the component LBA to the disk PBA. The LSOM module may then determine, for each data block, whether the SUT flag bit corresponding to the data block is set (e.g., the encrypted block is marked as “PBA-Encrypted”) or not. If the data block is marked as “PBA-Encrypted,” the LSOM module may decrypt the data block using the PBA of the data block as the tweak and mark the data as clear text (e.g., so that the zDOM module does not decrypt the data block again). Otherwise, if the data block is not marked as “PBA-Encrypted,” the LSOM module may just mark the data block as encrypted, so that the zDOM module decrypts the data block itself, as described above, using the LBA of the data block as the tweak. The LSOM module may then return the data block (e.g., either clear text data block, or encrypted data block depending on whether the data block was marked as a “PBA-Encrypted” data block) to the zDOM module.

As another example of using a proper tweak for decrypting/encrypting the data blocks, to (garbage) clean one or more segments stored on one or more disks, the LSOM module of some embodiments may first find a set of one or more candidate segments to which move the live blocks of the segment. For each segment that are not encrypted by the LSOM module, the LSOM module may read the data blocks in the segment, determine which data blocks are live in the segment, and write the live data blocks to one of the candidate segments. Conversely, for each segment that have already been encrypted by the LSOM module, the module may read the data blocks in the segment and determine which data blocks are live, for example, by looking at the SUT information associated with the data blocks. The LSOM module may then decrypt the encrypted data blocks with the old tweaks, which is the combination of object ID and old PBA (e.g., the PBA of the physical block storing the data block in the current segment) associated with each block, and then encrypt the data block with a new tweak, which is the combination of object ID and the new PBA (e.g., the PBA of the physical block in the candidate segment to which the data is transferred). The LSOM module may then write the live encrypted data blocks to the new candidate segment.

For resyncing the data blocks (or repairing RAID), the vSAN module of some embodiments may need to read the encrypted data blocks, since the parity associated with each data block was calculated based on the encrypted data in the block. As such, the LSOM module may, similar to a read process, determine whether each physical block storing the data block is marked as “PBA-Encrypted.” If the physical block is marked as “PBA-Encrypted,” the LSOM module may decrypt data in the physical block using the PBA of the block as the tweak and then encrypt the data in the block using the LBA of the block as the tweak.

The various embodiments described herein may employ various computer-implemented operations involving data stored in computer systems. For example, these operations may require physical manipulation of physical quantities usually, though not necessarily, these quantities may take the form of electrical or magnetic signals where they, or representations of them, are capable of being stored, transferred, combined, compared, or otherwise manipulated. Further, such manipulations are often referred to in terms, such as producing, identifying, determining, or comparing. Any operations described herein that form part of one or more embodiments may be useful machine operations. In addition, one or more embodiments also relate to a device or an apparatus for performing these operations. The apparatus may be specially constructed for specific required purposes, or it may be a general purpose computer selectively activated or configured by a computer program stored in the computer. In particular, various general purpose machines may be used with computer programs written in accordance with the teachings herein, or it may be more convenient to construct a more specialized apparatus to perform the required operations.

The various embodiments described herein may be practiced with other computer system configurations including hand-held devices, microprocessor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers, and the like.

One or more embodiments may be implemented as one or more computer programs or as one or more computer program modules embodied in one or more computer readable media. The term computer readable medium refers to any data storage device that can store data which can thereafter be input to a computer system computer readable media may be based on any existing or subsequently developed technology for embodying computer programs in a manner that enables them to be read by a computer. Examples of a computer readable medium include a hard drive, network attached storage (NAS), read-only memory, random-access memory (e.g., a flash memory device), NVMe storage, Persistent Memory storage, a CD (Compact Discs), CD-ROM, a CD-R, or a CD-RW, a DVD (Digital Versatile Disc), a magnetic tape, and other optical and non-optical data storage devices. The computer readable medium can also be distributed over a network coupled computer system so that the computer readable code is stored and executed in a distributed fashion.

In addition, while described virtualization methods have generally assumed that virtual machines present interfaces consistent with a particular hardware system, the methods described may be used in conjunction with virtualizations that do not correspond directly to any particular hardware system. Virtualization systems in accordance with the various embodiments, implemented as hosted embodiments, non-hosted embodiments, or as embodiments that tend to blur distinctions between the two, are all envisioned. Furthermore, various virtualization operations may be wholly or partially implemented in hardware. For example, a hardware implementation may employ a look-up table for modification of storage access requests to secure non-disk data.

Many variations, modifications, additions, and improvements are possible, regardless the degree of virtualization. The virtualization software can therefore include components of a host, console, or guest operating system that performs virtualization functions. Plural instances may be provided for components, operations or structures described herein as a single instance. Finally, boundaries between various components, operations and datastores are somewhat arbitrary, and particular operations are illustrated in the context of specific illustrative configurations. Other allocations of functionality are envisioned and may fall within the scope of one or more embodiments. In general, structures and functionality presented as separate components in exemplary configurations may be implemented as a combined structure or component. Similarly, structures and functionality presented as a single component may be implemented as separate components. These and other variations, modifications, additions, and improvements may fall within the scope of the appended claims(s). In the claims, elements and/or steps do not imply any particular order of operation, unless explicitly stated in the claims. 

We claim:
 1. A method for encrypting data in one or more data blocks, the method comprising: receiving a plurality of data blocks to write on a plurality of physical disks associated with a set of one or more host machines; encrypting data in each data block in the plurality of data blocks using a logical block address (LBA) of the data block as a tweak; writing the plurality of encrypted data blocks to physical blocks of the plurality of physical disks; and performing deduplication on the plurality of physical disks by: determining that first and second physical blocks in the plurality of physical disks are duplicates, the first physical block having first encrypted data encrypted by a first LBA associated with the first physical block as the tweak, the second physical block having second encrypted data encrypted by a second LBA associated with the second physical block as the tweak; decrypting the first encrypted data in the first physical block using the first LBA associated with the first physical block as the tweak; and re-encrypting decrypted data in the first physical block using a first physical block address (PBA) associated with the first physical block as the tweak.
 2. The method of claim 1, wherein the first LBA associated with the first physical block is in an address space used by a device that receives the plurality of data blocks to refer to the first physical block, wherein the first PBA associated with the first physical block is in an address space used by a physical disk to refer to the first physical block.
 3. The method of claim 1, wherein performing deduplication on the plurality of physical disks further comprises changing a second LBA associated with the second physical block from pointing to a second PBA associated with the second physical block to point to the first PBA associated with the first physical block.
 4. The method of claim 1, wherein determining that the first and second physical blocks are duplicates comprises: comparing a first hash associated with the first physical block with a second hash associated with second the second physical block; and determining that the first and second hashes are the same.
 5. The method of claim 4, wherein the first hash is stored in a first summary block and the second hash is stored in a second summary block, wherein the first summary block is stored in a first physical disk of the plurality of physical disks and includes information about a first subset of the plurality of encrypted data blocks stored in the first physical disk, wherein the second summary block is stored in a second physical disk of the plurality of physical disks and includes information about a second subset of the plurality of encrypted data blocks stored in the second physical disk.
 6. The method of claim 1, wherein the plurality of encrypted data blocks stored in the plurality of physical disks is associated with a segment usage table (SUT) that includes information about the plurality of encrypted data blocks, the method further comprising marking the first physical block as PBA-Encrypted by setting a flag in the SUT that is associated with the first physical block.
 7. The method of claim 6, further comprising: receiving a read request to read a third physical block in the plurality of physical disks; determining whether the third physical block is marked as PBA-Encrypted in the SUT; when the third physical block is not marked as PBA-Encrypted, decrypting encrypted data in the third physical block using a third LBA associated with the third physical block as the tweak; when the third physical block is marked as PBA-Encrypted, decrypting the encrypted data in the third physical block using a second PBA associated with the third physical block as the tweak; and returning the decrypted data in response to the read request.
 8. The method of claim 1, further comprising performing a disk cleaning operation on the plurality of physical disks by: decrypting encrypted data in the first physical block using the PBA of the first physical block as the tweak; encrypting unencrypted data in the first physical block using a PBA of a third physical block of a new segment where the data is to be transferred as the tweak; and writing the encrypted data in the first physical block to the third physical block.
 9. The method of claim 1, wherein writing the plurality of encrypted data blocks comprises writing the plurality of encrypted data blocks to one or more physical memories first and after determining that a size of the written plurality of data blocks has reached a threshold stripe size, transferring the plurality of encrypted data blocks to the plurality of physical disks without performing any additional decryption and/or re-encryption operations on the encrypted data blocks.
 10. A non-transitory computer readable medium comprising instructions that, when executed by one or more processors of a computing system, cause the computing system to perform a method of encrypting data in one or more data blocks, the method comprising: receiving a plurality of data blocks to write on a plurality of physical disks associated with a set of one or more host machines; encrypting data in each data block in the plurality of data blocks using a logical block address (LBA) of the data block as a tweak; writing the plurality of encrypted data blocks to physical blocks of the plurality of physical disks; and performing deduplication on the plurality of physical disks by: determining that first and second physical blocks in the plurality of physical disks are duplicates, the first physical block having first encrypted data encrypted by a first LBA associated with the first physical block as the tweak, the second physical block having second encrypted data encrypted by a second LBA associated with the second physical block as the tweak; decrypting the first encrypted data in the first physical block using the first LBA associated with the first physical block as the tweak; and re-encrypting decrypted data in the first physical block using a first physical block address (PBA) associated with the first physical block as the tweak.
 11. The non-transitory computer readable medium of claim 10, wherein the first LBA associated with the first physical block is in an address space used by a device that receives the plurality of data blocks to refer to the first physical block, wherein the first PBA associated with the first physical block is in an address space used by a physical disk to refer to the first physical block.
 12. The non-transitory computer readable medium of claim 10, wherein performing deduplication on the plurality of physical disks further comprises changing a second LBA associated with the second physical block from pointing to a second PBA associated with the second physical block to point to the first PBA associated with the first physical block.
 13. The non-transitory computer readable medium of claim 10, wherein determining that the first and second physical blocks are duplicates comprises: comparing a first hash associated with the first physical block with a second hash associated with second the second physical block; and determining that the first and second hashes are the same.
 14. The non-transitory computer readable medium of claim 10, wherein the plurality of encrypted data blocks stored in the plurality of physical disks is associated with a segment usage table (SUT) that includes information about the plurality of encrypted data blocks, the method further comprising marking the first physical block as PBA-Encrypted by setting a flag in the SUT that is associated with the first physical block.
 15. The non-transitory computer readable medium of claim 14, the method further comprising: receiving a read request to read a third physical block in the plurality of physical disks; determining whether the third physical block is marked as PBA-Encrypted in the SUT; when the third physical block is not marked as PBA-Encrypted, decrypting encrypted data in the third physical block using a third LBA associated with the third physical block as the tweak; when the third physical block is marked as PBA-Encrypted, decrypting the encrypted data in the third physical block using a second PBA associated with the third physical block as the tweak; and returning the decrypted data in response to the read request.
 16. A computer system, comprising: a memory; and at least one processor coupled to the memory, the processor being configured to: receive a plurality of data blocks to write on a plurality of physical disks associated with a set of one or more host machines; encrypt data in each data block in the plurality of data blocks using a logical block address (LBA) of the data block as a tweak; write the plurality of encrypted data blocks to physical blocks of the plurality of physical disks; and perform deduplication on the plurality of physical disks by: determining that first and second physical blocks in the plurality of physical disks are duplicates, the first physical block having first encrypted data encrypted by a first LBA associated with the first physical block as the tweak, the second physical block having second encrypted data encrypted by a second LBA associated with the second physical block as the tweak; decrypting the first encrypted data in the first physical block using the first LBA associated with the first physical block as the tweak; and re-encrypting decrypted data in the first physical block using a first physical block address (PBA) associated with the first physical block as the tweak.
 17. The computer system of claim 16, wherein performing deduplication on the plurality of physical disks further comprises changing a second LBA associated with the second physical block from pointing to a second PBA associated with the second physical block to point to the first PBA associated with the first physical block;
 18. The computer system of claim 16, wherein the plurality of encrypted data blocks stored in the plurality of physical disks is associated with a segment usage table (SUT) that includes information about the plurality of encrypted data blocks, wherein the at least one processor is further configured to mark the first physical block as PBA-Encrypted by setting a flag in the SUT that is associated with the first physical block.
 19. The computer system of claim 18, wherein the at least one processor is further configured to: receive a read request to read a third physical block in the plurality of physical disks; determine whether the third physical block is marked as PBA-Encrypted in the SUT; when the third physical block is not marked as PBA-Encrypted, decrypt encrypted data in the third physical block using a third LBA associated with the third physical block as the tweak; when the third physical block is marked as PBA-Encrypted, decrypt the encrypted data in the third physical block using a second PBA associated with the third physical block as the tweak; and return the decrypted data in response to the read request.
 20. The computer system of claim 18, wherein the at least one processor is further configured to perform a disk cleaning operation on the plurality of physical disks by: decrypting encrypted data in the first physical block using the PBA of the first physical block as the tweak; encrypting unencrypted data in the first physical block using a PBA of a third physical block of a new segment where the data is to be transferred as the tweak; and writing the encrypted data in the first physical block to the third physical block. 